CVE-2018-6219

MEDIUM

Trend Micro Email Encryption Gateway 5.5 - Insecure Update via HTTP

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-6219. PoCs published by Core Security.

AI-analyzed exploit summary This exploit demonstrates a man-in-the-middle attack against Trend Micro Email Encryption Gateway's insecure update mechanism, allowing arbitrary file writes and root command execution via a malicious RPM file or cron job injection.

Description

An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Core Security · textwebappsjsp
https://www.exploit-db.com/exploits/44166

This exploit demonstrates a man-in-the-middle attack against Trend Micro Email Encryption Gateway's insecure update mechanism, allowing arbitrary file writes and root command execution via a malicious RPM file or cron job injection.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Trend Micro Email Encryption Gateway 5.5 (Build 1111.00)
No auth needed
Prerequisites: Man-in-the-middle position · Victim system initiating an update check
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/44166/
Vendor Advisory x_refsource_confirm
https://success.trendmicro.com/solution/1119349
Exploit, Technical Description, Third Party Advisory x_refsource_misc
https://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities

Scores

CVSS v3 6.5
EPSS 0.0410
EPSS Percentile 89.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-295
Status published
Products (1)
trendmicro/email_encryption_gateway 5.5
Published Mar 15, 2018
Tracked Since Feb 18, 2026